Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[7.1.0+] Characters & < > ' " being converted to &amp; &lt; &gt; &#39; &quo; #1535

Closed
davekos opened this issue Jun 17, 2014 · 21 comments
Closed

Comments

@davekos
Copy link

@davekos davekos commented Jun 17, 2014

I am using Handsontable 0.10.5 version.

When I type in a Handsontable cell a text string which contains ( & < > ' " ) and save the data, the next time I edit the cell they are converted into ( & < > ' &quo;) respectively. I noticed this issue was addressed previously in 0.6.0 Beta version (Sep 2012) but now I am seeing it in this version.

Is the Data being filtered before being displayed to the screen or do I need to set a parameter when I create my instance of Handsontable?

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Mar 31, 2015

This issue should not occur any more. Please update your HOT to 0.13.1 and try it out. In case of any sumilar issues give us a feedback and we'll reopen this issue.

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Aug 13, 2019

Unfortunately, the bug is back.

You can test it here in v 7.1.1
https://handsontable.com/docs/7.1.1/demo-scrolling.html

GIF

Tested on Windows 10/ Chrome 76.

This issue came back in v7.1.0

Inform forum, and forum after fixing

@AMBudnik AMBudnik reopened this Aug 13, 2019
@AMBudnik AMBudnik changed the title Characters & < > ' " being converted to &amp; &lt; &gt; &#39; &quo; [7.1.0+] Characters & < > ' " being converted to &amp; &lt; &gt; &#39; &quo; Aug 13, 2019
@wojciechczerniak wojciechczerniak added this to the September 2019 milestone Aug 13, 2019
@fengjac

This comment has been minimized.

Copy link

@fengjac fengjac commented Oct 8, 2019

@AMBudnik Any update? Thanks

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Oct 8, 2019

Hey @fengjac since September we are working on a new major version 8.0.0-rc1 so all the tasks were held. Also, it seems like the latest build doesn't change anything in this matter https://jsfiddle.net/handsoncode/tuwzL6pd/.
We are preparing a new index mapper described here #5751

@h0jeZvgoxFepBQ2C

This comment has been minimized.

Copy link

@h0jeZvgoxFepBQ2C h0jeZvgoxFepBQ2C commented Oct 16, 2019

Do you think this will be fixed soon?

This is a total blocker for us, since our customers can't use it safely to import data from excel.
Right now we stopped the implementation of handontable in our product due to this bug.

@wojciechczerniak

This comment has been minimized.

Copy link
Member

@wojciechczerniak wojciechczerniak commented Oct 16, 2019

It's an HTML sanitizer. Safety first. We will work on adding whitelist/blacklist capability.

But this shouldn't be a blocker @h0jeZvgoxFepBQ2C. You can decode HTML in beforePaste hook: https://jsfiddle.net/v0yn73dm/

@h0jeZvgoxFepBQ2C

This comment has been minimized.

Copy link

@h0jeZvgoxFepBQ2C h0jeZvgoxFepBQ2C commented Oct 16, 2019

Ah ok great, thanks for this @wojciechczerniak ! ❤️

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Oct 30, 2019

It also works well when you use the predefined html renderer https://jsfiddle.net/4x9fr0ps/1/

@swistach swistach modified the milestones: September 2019, November 2019 Nov 6, 2019
swistach added a commit that referenced this issue Nov 6, 2019
…ers with HTML entities. #1535
swistach added a commit that referenced this issue Nov 6, 2019
swistach added a commit that referenced this issue Nov 7, 2019
…d on defined keys. #1535
swistach added a commit that referenced this issue Nov 7, 2019
* Changed: parseTable.htmlToGridSettings should not replace <>& characters with HTML entities. #1535

* Added: tests for correct identification of special characters. #1535

* Changed: applied @wojciechczerniak's suggestions - cached regexp based on defined keys. #1535
jansiegel added a commit that referenced this issue Nov 8, 2019
* Changed: parseTable.htmlToGridSettings should not replace <>& characters with HTML entities. #1535

* Added: tests for correct identification of special characters. #1535

* Changed: applied @wojciechczerniak's suggestions - cached regexp based on defined keys. #1535
@dandcrooks

This comment has been minimized.

Copy link

@dandcrooks dandcrooks commented Nov 11, 2019

Any update on what release a fix will be included in?

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Nov 12, 2019

Hey @dandcrooks

The release of 7.3.0 is planned for 18/11

@aninde

This comment has been minimized.

Copy link

@aninde aninde commented Nov 15, 2019

@davekos @dandcrooks @h0jeZvgoxFepBQ2C @fengjac this bug will be fixed in 7.3.0 v. We plan to release it in next week.

It will be possible to paste different characters

Demo
7.3.0 https://jsfiddle.net/aninde/oj5n3fr9/
Screenshot 2019-11-15 at 11 06 55

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Nov 18, 2019

Works on Windows for Chrome 78 and FF 70

@vincent-cm

This comment has been minimized.

Copy link

@vincent-cm vincent-cm commented Nov 18, 2019

Hey @dandcrooks

The release of 7.3.0 is planned for 18/11
@AMBudnik
Is it ready?

@dandcrooks

This comment has been minimized.

Copy link

@dandcrooks dandcrooks commented Nov 18, 2019

@vincent-cm Thank you for letting me know. I'll grab it as soon as I can and test it out.

Any idea if this has been tested in older browser versions?

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Nov 19, 2019

We wanted to release it on 18th of Nov. but we found out that it does not work when you use iframes in some cases mentioned here #6478 so we're doing a quick fix. We didn't want to push a version that will block all our demos on Edge.
Till Thursday (planned release with the Edge fix) is now Thursday. I hope that we won't find any showstoppers and will be able to update you on time :)

@aninde

This comment has been minimized.

Copy link

@aninde aninde commented Nov 25, 2019

Still fixed on latest 7.3.0 https://jsfiddle.net/d9bLtx75/1/

@dandcrooks

This comment has been minimized.

Copy link

@dandcrooks dandcrooks commented Nov 25, 2019

@AMBudnik Any update of when the release is planned? Thanks for keeping me in the loop.

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Dec 2, 2019

Sorry for keeping you waiting @dandcrooks we test this new feature from 7.3.0 very extensively and find one regression after another. As our internal policy does not allow us to push a version with a regression we need to fix them before the release.

@dandcrooks

This comment has been minimized.

Copy link

@dandcrooks dandcrooks commented Dec 3, 2019

@AMBudnik I appreciate the attention to fixing those before release. Thanks again for the update.

@aninde

This comment has been minimized.

Copy link

@aninde aninde commented Dec 9, 2019

Still works well during testing 7.3.0 v. (6.12) on Chrome 78, Firefox 70, Safari 13, Microsoft Dev Edge / Mac OS Catalina and IE, Edge, Edge Dev / Windows 10
https://jsfiddle.net/3z5fct4g/

@AMBudnik

This comment has been minimized.

Copy link
Contributor

@AMBudnik AMBudnik commented Dec 13, 2019

I'm really glad to see this issue solved! It is a pleasure to close this as solved :)

@dandcrooks @vincent-cm @h0jeZvgoxFepBQ2C

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
9 participants
You can’t perform that action at this time.